| File name: | 1 (237) |
| Full analysis: | https://app.any.run/tasks/1986c20d-8711-44be-b6e0-ee970bb61d55 |
| Verdict: | Malicious activity |
| Analysis date: | March 24, 2025, 19:15:40 |
| OS: | Windows 10 Professional (build: 19044, 64 bit) |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections |
| MD5: | 5B8C81E3B8D53E1519CA82E1A93D34A0 |
| SHA1: | A1CCEAFB2ADE28A85940A7216243AE758E31B692 |
| SHA256: | D44B8D278B265CECC7EE77934BC1FF15116154C5065531365EE47AD01DD7984B |
| SSDEEP: | 6144:hPNgX7ItFD1HA5alrBYRciH5tBqGvJGB3/cyAeyTk/8SwjwpyugEhJj9nrwnHqxM:hF2MRHA5SrKZBvha3EyAeyYx4DxmDsR |
MALICIOUS
No malicious indicators.SUSPICIOUS
Starts itself from another location
- Unicorn-14994.exe (PID: 516)
- 1 (237).exe (PID: 3268)
- Unicorn-31549.exe (PID: 6392)
- Unicorn-56010.exe (PID: 4448)
- Unicorn-18093.exe (PID: 6156)
- Unicorn-42274.exe (PID: 5736)
- Unicorn-25855.exe (PID: 4976)
- Unicorn-56001.exe (PID: 6816)
- Unicorn-60832.exe (PID: 2096)
- Unicorn-2716.exe (PID: 2236)
- Unicorn-2716.exe (PID: 6268)
- Unicorn-61709.exe (PID: 6676)
- Unicorn-15772.exe (PID: 2268)
- Unicorn-9907.exe (PID: 1328)
- Unicorn-37766.exe (PID: 6592)
- Unicorn-31635.exe (PID: 6752)
- Unicorn-15015.exe (PID: 6080)
- Unicorn-52218.exe (PID: 856)
- Unicorn-48456.exe (PID: 7184)
- Unicorn-48456.exe (PID: 7180)
- Unicorn-54164.exe (PID: 7216)
- Unicorn-7730.exe (PID: 7260)
- Unicorn-10530.exe (PID: 7268)
- Unicorn-21814.exe (PID: 7228)
- Unicorn-54164.exe (PID: 7204)
- Unicorn-35135.exe (PID: 7244)
- Unicorn-21814.exe (PID: 7224)
- Unicorn-16395.exe (PID: 7252)
- Unicorn-46017.exe (PID: 7616)
- Unicorn-58269.exe (PID: 7644)
- Unicorn-53920.exe (PID: 7660)
- Unicorn-38403.exe (PID: 7636)
- Unicorn-8253.exe (PID: 7804)
- Unicorn-28119.exe (PID: 7792)
- Unicorn-36095.exe (PID: 7876)
- Unicorn-44455.exe (PID: 7832)
- Unicorn-58745.exe (PID: 7852)
- Unicorn-3806.exe (PID: 7988)
- Unicorn-64190.exe (PID: 8012)
- Unicorn-36649.exe (PID: 7900)
- Unicorn-64190.exe (PID: 8004)
- Unicorn-3806.exe (PID: 7980)
- Unicorn-60661.exe (PID: 8096)
- Unicorn-14227.exe (PID: 8128)
- Unicorn-40298.exe (PID: 8184)
- Unicorn-59037.exe (PID: 8052)
- Unicorn-64190.exe (PID: 7996)
- Unicorn-59037.exe (PID: 8044)
- Unicorn-8859.exe (PID: 8088)
- Unicorn-3292.exe (PID: 8136)
- Unicorn-15097.exe (PID: 8116)
- Unicorn-3292.exe (PID: 8144)
- Unicorn-3292.exe (PID: 8152)
- Unicorn-64190.exe (PID: 8036)
- Unicorn-14012.exe (PID: 8064)
- Unicorn-41501.exe (PID: 7404)
- Unicorn-4766.exe (PID: 7148)
- Unicorn-4004.exe (PID: 7692)
- Unicorn-6804.exe (PID: 7700)
- Unicorn-58606.exe (PID: 7676)
- Unicorn-56982.exe (PID: 5972)
- Unicorn-50822.exe (PID: 6028)
- Unicorn-64465.exe (PID: 2088)
- Unicorn-23433.exe (PID: 7932)
- Unicorn-874.exe (PID: 7756)
- Unicorn-17704.exe (PID: 6972)
- Unicorn-48492.exe (PID: 4200)
- Unicorn-54714.exe (PID: 7764)
- Unicorn-60189.exe (PID: 7732)
- Unicorn-2820.exe (PID: 7524)
- Unicorn-61350.exe (PID: 728)
- Unicorn-58051.exe (PID: 7424)
- Unicorn-56909.exe (PID: 7896)
- Unicorn-38299.exe (PID: 7360)
- Unicorn-59374.exe (PID: 6872)
- Unicorn-12311.exe (PID: 8224)
- Unicorn-18555.exe (PID: 8280)
- Unicorn-18856.exe (PID: 8216)
- Unicorn-15841.exe (PID: 5576)
- Unicorn-38399.exe (PID: 2560)
- Unicorn-26723.exe (PID: 8316)
- Unicorn-34982.exe (PID: 8260)
- Unicorn-8803.exe (PID: 8432)
- Unicorn-42959.exe (PID: 8532)
- Unicorn-12332.exe (PID: 8460)
- Unicorn-4164.exe (PID: 8424)
- Unicorn-52908.exe (PID: 8516)
- Unicorn-33307.exe (PID: 8604)
- Unicorn-32521.exe (PID: 8500)
- Unicorn-25139.exe (PID: 8492)
- Unicorn-43059.exe (PID: 8364)
- Unicorn-8248.exe (PID: 8380)
- Unicorn-40159.exe (PID: 8524)
- Unicorn-28212.exe (PID: 8716)
- Unicorn-24585.exe (PID: 8448)
- Unicorn-8248.exe (PID: 8372)
- Unicorn-49196.exe (PID: 8552)
- Unicorn-24484.exe (PID: 8640)
- Unicorn-19432.exe (PID: 8484)
- Unicorn-12332.exe (PID: 8468)
- Unicorn-24484.exe (PID: 8632)
- Unicorn-8248.exe (PID: 8440)
- Unicorn-635.exe (PID: 8392)
- Unicorn-33307.exe (PID: 8620)
- Unicorn-33307.exe (PID: 8612)
- Unicorn-50028.exe (PID: 8864)
- Unicorn-47335.exe (PID: 8956)
- Unicorn-2310.exe (PID: 8888)
- Unicorn-8440.exe (PID: 8884)
- Unicorn-54133.exe (PID: 9060)
- Unicorn-57641.exe (PID: 8872)
- Unicorn-27598.exe (PID: 9100)
- Unicorn-22473.exe (PID: 744)
- Unicorn-54133.exe (PID: 9052)
- Unicorn-63671.exe (PID: 9000)
- Unicorn-63671.exe (PID: 8992)
- Unicorn-26099.exe (PID: 9008)
- Unicorn-52742.exe (PID: 9044)
- Unicorn-9571.exe (PID: 9172)
- Unicorn-33612.exe (PID: 9136)
- Unicorn-12934.exe (PID: 7584)
- Unicorn-12835.exe (PID: 9116)
- Unicorn-1292.exe (PID: 9016)
- Unicorn-9460.exe (PID: 1512)
- Unicorn-23769.exe (PID: 5936)
- Unicorn-49857.exe (PID: 9204)
- Unicorn-40741.exe (PID: 9304)
- Unicorn-1292.exe (PID: 9168)
- Unicorn-33965.exe (PID: 9268)
- Unicorn-64190.exe (PID: 8024)
- Unicorn-60607.exe (PID: 9284)
- Unicorn-55887.exe (PID: 6032)
- Unicorn-29972.exe (PID: 9248)
- Unicorn-64691.exe (PID: 9276)
- Unicorn-40741.exe (PID: 9292)
- Unicorn-38603.exe (PID: 9368)
- Unicorn-58277.exe (PID: 9456)
- Unicorn-40872.exe (PID: 9496)
- Unicorn-2645.exe (PID: 9540)
- Unicorn-2645.exe (PID: 9548)
- Unicorn-30000.exe (PID: 9568)
- Unicorn-58277.exe (PID: 9464)
- Unicorn-21006.exe (PID: 9488)
- Unicorn-30819.exe (PID: 9600)
- Unicorn-39617.exe (PID: 9656)
- Unicorn-54447.exe (PID: 9532)
- Unicorn-25011.exe (PID: 9668)
- Unicorn-41667.exe (PID: 8308)
- Unicorn-63479.exe (PID: 8576)
- Unicorn-54255.exe (PID: 9820)
- Unicorn-8318.exe (PID: 9828)
- Unicorn-49870.exe (PID: 10068)
- Unicorn-16734.exe (PID: 9904)
- Unicorn-11982.exe (PID: 10028)
- Unicorn-4164.exe (PID: 8416)
- Unicorn-33555.exe (PID: 10100)
- Unicorn-43669.exe (PID: 10136)
- Unicorn-6494.exe (PID: 8848)
- Unicorn-14888.exe (PID: 10204)
- Unicorn-31971.exe (PID: 10156)
- Unicorn-50254.exe (PID: 10236)
- Unicorn-10311.exe (PID: 8560)
- Unicorn-14073.exe (PID: 9520)
- Unicorn-23118.exe (PID: 8476)
Executable content was dropped or overwritten
- 1 (237).exe (PID: 3268)
- Unicorn-31549.exe (PID: 6392)
- Unicorn-25855.exe (PID: 4976)
- Unicorn-18093.exe (PID: 6156)
- Unicorn-56010.exe (PID: 4448)
- Unicorn-14994.exe (PID: 516)
- Unicorn-60832.exe (PID: 2096)
- Unicorn-56001.exe (PID: 6816)
- Unicorn-2716.exe (PID: 6268)
- Unicorn-42274.exe (PID: 5736)
- Unicorn-15772.exe (PID: 2268)
- Unicorn-9907.exe (PID: 1328)
- Unicorn-37766.exe (PID: 6592)
- Unicorn-31635.exe (PID: 6752)
- Unicorn-15015.exe (PID: 6080)
- Unicorn-52218.exe (PID: 856)
- Unicorn-48456.exe (PID: 7184)
- Unicorn-48456.exe (PID: 7180)
- Unicorn-10530.exe (PID: 7268)
- Unicorn-16395.exe (PID: 7252)
- Unicorn-2716.exe (PID: 2236)
- Unicorn-46017.exe (PID: 7616)
- Unicorn-38403.exe (PID: 7636)
- Unicorn-61709.exe (PID: 6676)
- Unicorn-53920.exe (PID: 7660)
- Unicorn-58269.exe (PID: 7644)
- Unicorn-8253.exe (PID: 7804)
- Unicorn-28119.exe (PID: 7792)
- Unicorn-36095.exe (PID: 7876)
- Unicorn-44455.exe (PID: 7832)
- Unicorn-58745.exe (PID: 7852)
- Unicorn-36649.exe (PID: 7900)
- Unicorn-54164.exe (PID: 7216)
- Unicorn-64190.exe (PID: 8012)
- Unicorn-60661.exe (PID: 8096)
- Unicorn-3806.exe (PID: 7988)
- Unicorn-54164.exe (PID: 7204)
- Unicorn-3806.exe (PID: 7980)
- Unicorn-64190.exe (PID: 8004)
- Unicorn-64190.exe (PID: 8024)
- Unicorn-59037.exe (PID: 8052)
- Unicorn-21814.exe (PID: 7224)
- Unicorn-40298.exe (PID: 8184)
- Unicorn-59037.exe (PID: 8044)
- Unicorn-64190.exe (PID: 8036)
- Unicorn-35135.exe (PID: 7244)
- Unicorn-3292.exe (PID: 8136)
- Unicorn-21814.exe (PID: 7228)
- Unicorn-3292.exe (PID: 8152)
- Unicorn-14012.exe (PID: 8064)
- Unicorn-22473.exe (PID: 744)
- Unicorn-41501.exe (PID: 7404)
- Unicorn-4766.exe (PID: 7148)
- Unicorn-56982.exe (PID: 5972)
- Unicorn-12934.exe (PID: 7584)
- Unicorn-17704.exe (PID: 6972)
- Unicorn-6804.exe (PID: 7700)
- Unicorn-50822.exe (PID: 6028)
- Unicorn-64465.exe (PID: 2088)
- Unicorn-874.exe (PID: 7756)
- Unicorn-61350.exe (PID: 728)
- Unicorn-2820.exe (PID: 7524)
- Unicorn-48492.exe (PID: 4200)
- Unicorn-54714.exe (PID: 7764)
- Unicorn-38299.exe (PID: 7360)
- Unicorn-59374.exe (PID: 6872)
- Unicorn-58051.exe (PID: 7424)
- Unicorn-15841.exe (PID: 5576)
- Unicorn-18856.exe (PID: 8216)
- Unicorn-12311.exe (PID: 8224)
- Unicorn-18555.exe (PID: 8280)
- Unicorn-38399.exe (PID: 2560)
- Unicorn-26723.exe (PID: 8316)
- Unicorn-41667.exe (PID: 8308)
- Unicorn-34982.exe (PID: 8260)
- Unicorn-42959.exe (PID: 8532)
- Unicorn-12332.exe (PID: 8460)
- Unicorn-4164.exe (PID: 8424)
- Unicorn-8803.exe (PID: 8432)
- Unicorn-52908.exe (PID: 8516)
- Unicorn-33307.exe (PID: 8604)
- Unicorn-25139.exe (PID: 8492)
- Unicorn-63479.exe (PID: 8576)
- Unicorn-8248.exe (PID: 8380)
- Unicorn-40159.exe (PID: 8524)
- Unicorn-24585.exe (PID: 8448)
- Unicorn-8248.exe (PID: 8372)
- Unicorn-49196.exe (PID: 8552)
- Unicorn-24484.exe (PID: 8640)
- Unicorn-15097.exe (PID: 8116)
- Unicorn-4164.exe (PID: 8416)
- Unicorn-19432.exe (PID: 8484)
- Unicorn-33307.exe (PID: 8612)
- Unicorn-12332.exe (PID: 8468)
- Unicorn-8248.exe (PID: 8440)
- Unicorn-33307.exe (PID: 8620)
- Unicorn-24484.exe (PID: 8632)
- Unicorn-14227.exe (PID: 8128)
- Unicorn-635.exe (PID: 8392)
- Unicorn-8859.exe (PID: 8088)
- Unicorn-64190.exe (PID: 7996)
- Unicorn-2310.exe (PID: 8888)
- Unicorn-8440.exe (PID: 8884)
- Unicorn-7730.exe (PID: 7260)
- Unicorn-50028.exe (PID: 8864)
- Unicorn-57641.exe (PID: 8872)
- Unicorn-54133.exe (PID: 9060)
- Unicorn-3292.exe (PID: 8144)
- Unicorn-63671.exe (PID: 9000)
- Unicorn-54133.exe (PID: 9052)
- Unicorn-63671.exe (PID: 8992)
- Unicorn-27598.exe (PID: 9100)
- Unicorn-52742.exe (PID: 9044)
- Unicorn-9571.exe (PID: 9172)
- Unicorn-26099.exe (PID: 9008)
- Unicorn-33612.exe (PID: 9136)
- Unicorn-12835.exe (PID: 9116)
- Unicorn-49857.exe (PID: 9204)
- Unicorn-4004.exe (PID: 7692)
- Unicorn-9460.exe (PID: 1512)
- Unicorn-1292.exe (PID: 9016)
- Unicorn-23769.exe (PID: 5936)
- Unicorn-1292.exe (PID: 9168)
- Unicorn-55887.exe (PID: 6032)
- Unicorn-23433.exe (PID: 7932)
- Unicorn-40741.exe (PID: 9304)
- Unicorn-60607.exe (PID: 9284)
- Unicorn-33965.exe (PID: 9268)
- Unicorn-58469.exe (PID: 9384)
- Unicorn-56909.exe (PID: 7896)
- Unicorn-64691.exe (PID: 9276)
- Unicorn-29972.exe (PID: 9248)
- Unicorn-40741.exe (PID: 9292)
- Unicorn-38603.exe (PID: 9368)
- Unicorn-58277.exe (PID: 9456)
- Unicorn-58469.exe (PID: 9376)
- Unicorn-21006.exe (PID: 9488)
- Unicorn-40872.exe (PID: 9496)
- Unicorn-2645.exe (PID: 9540)
- Unicorn-30000.exe (PID: 9568)
- Unicorn-58277.exe (PID: 9464)
- Unicorn-30819.exe (PID: 9600)
- Unicorn-39617.exe (PID: 9656)
- Unicorn-25011.exe (PID: 9668)
- Unicorn-54447.exe (PID: 9532)
- Unicorn-32521.exe (PID: 8500)
- Unicorn-28212.exe (PID: 8716)
- Unicorn-54255.exe (PID: 9820)
- Unicorn-43059.exe (PID: 8364)
- Unicorn-8318.exe (PID: 9828)
- Unicorn-49870.exe (PID: 10068)
- Unicorn-11982.exe (PID: 10028)
- Unicorn-16734.exe (PID: 9904)
- Unicorn-43669.exe (PID: 10136)
- Unicorn-31971.exe (PID: 10156)
- Unicorn-47335.exe (PID: 8956)
- Unicorn-33555.exe (PID: 10100)
- Unicorn-14888.exe (PID: 10204)
- Unicorn-50254.exe (PID: 10236)
- Unicorn-10311.exe (PID: 8560)
- Unicorn-2645.exe (PID: 9548)
- Unicorn-1266.exe (PID: 7512)
- Unicorn-1577.exe (PID: 1276)
- Unicorn-57073.exe (PID: 9436)
- Unicorn-43560.exe (PID: 10356)
- Unicorn-16617.exe (PID: 10396)
- Unicorn-57457.exe (PID: 10516)
- Unicorn-59595.exe (PID: 10424)
- Unicorn-49289.exe (PID: 10480)
- Unicorn-6310.exe (PID: 10464)
- Unicorn-14073.exe (PID: 9520)
- Unicorn-23118.exe (PID: 8476)
- Unicorn-24209.exe (PID: 2316)
- Unicorn-20679.exe (PID: 10320)
- Unicorn-53465.exe (PID: 10416)
- Unicorn-45105.exe (PID: 10592)
- Unicorn-36845.exe (PID: 10652)
- Unicorn-6494.exe (PID: 8848)
- Unicorn-24078.exe (PID: 10744)
- Unicorn-53181.exe (PID: 10712)
- Unicorn-60534.exe (PID: 10964)
- Unicorn-57933.exe (PID: 10848)
- Unicorn-11525.exe (PID: 10772)
- Unicorn-20811.exe (PID: 10840)
- Unicorn-60189.exe (PID: 7732)
- Unicorn-19038.exe (PID: 10832)
- Unicorn-64618.exe (PID: 10956)
- Unicorn-4172.exe (PID: 10536)
- Unicorn-4172.exe (PID: 10532)
- Unicorn-49289.exe (PID: 10472)
- Unicorn-27343.exe (PID: 10680)
- Unicorn-51235.exe (PID: 10600)
- Unicorn-38797.exe (PID: 10812)
- Unicorn-207.exe (PID: 11032)
- Unicorn-10016.exe (PID: 10940)
- Unicorn-28184.exe (PID: 10880)
- Unicorn-51619.exe (PID: 11056)
- Unicorn-64618.exe (PID: 10948)
- Unicorn-16809.exe (PID: 11064)
- Unicorn-35283.exe (PID: 11024)
- Unicorn-6694.exe (PID: 10912)
- Unicorn-41182.exe (PID: 10792)
- Unicorn-64063.exe (PID: 10856)
- Unicorn-24785.exe (PID: 10432)
- Unicorn-56388.exe (PID: 10580)
- Unicorn-61733.exe (PID: 11136)
- Unicorn-6502.exe (PID: 11108)
- Unicorn-36459.exe (PID: 10980)
- Unicorn-9195.exe (PID: 11072)
- Unicorn-56388.exe (PID: 10576)
- Unicorn-5132.exe (PID: 11160)
- Unicorn-10053.exe (PID: 11188)
- Unicorn-37805.exe (PID: 11236)
- Unicorn-57903.exe (PID: 11220)
- Unicorn-26107.exe (PID: 10572)
- Unicorn-57960.exe (PID: 11328)
- Unicorn-19331.exe (PID: 11216)
- Unicorn-60918.exe (PID: 11284)
- Unicorn-44904.exe (PID: 11320)
- Unicorn-12131.exe (PID: 11372)
- Unicorn-44904.exe (PID: 11304)
- Unicorn-12293.exe (PID: 11568)
- Unicorn-13008.exe (PID: 11492)
- Unicorn-44904.exe (PID: 11312)
- Unicorn-27307.exe (PID: 11532)
- Unicorn-33529.exe (PID: 11436)
- Unicorn-50996.exe (PID: 11804)
- Unicorn-21831.exe (PID: 11456)
- Unicorn-6886.exe (PID: 11476)
- Unicorn-44146.exe (PID: 11596)
- Unicorn-36243.exe (PID: 11560)
- Unicorn-34659.exe (PID: 11724)
- Unicorn-30575.exe (PID: 11748)
- Unicorn-21176.exe (PID: 11524)
- Unicorn-19139.exe (PID: 11500)
- Unicorn-23799.exe (PID: 11796)
- Unicorn-24545.exe (PID: 11604)
- Unicorn-50441.exe (PID: 11756)
- Unicorn-13008.exe (PID: 11484)
- Unicorn-30575.exe (PID: 11740)
- Unicorn-32159.exe (PID: 11576)
- Unicorn-22629.exe (PID: 11864)
- Unicorn-24676.exe (PID: 11884)
- Unicorn-44411.exe (PID: 11640)
- Unicorn-16106.exe (PID: 11932)
- Unicorn-16377.exe (PID: 11684)
- Unicorn-47789.exe (PID: 11892)
- Unicorn-30140.exe (PID: 11948)
- Unicorn-13260.exe (PID: 11840)
INFO
Reads the computer name
- Unicorn-31549.exe (PID: 6392)
- 1 (237).exe (PID: 3268)
- Unicorn-14994.exe (PID: 516)
- Unicorn-25855.exe (PID: 4976)
- Unicorn-56010.exe (PID: 4448)
- Unicorn-18093.exe (PID: 6156)
- Unicorn-60832.exe (PID: 2096)
- Unicorn-56001.exe (PID: 6816)
- Unicorn-2716.exe (PID: 6268)
- Unicorn-15772.exe (PID: 2268)
- Unicorn-9907.exe (PID: 1328)
- Unicorn-31635.exe (PID: 6752)
- Unicorn-37766.exe (PID: 6592)
- Unicorn-15015.exe (PID: 6080)
- Unicorn-2716.exe (PID: 2236)
- Unicorn-61709.exe (PID: 6676)
- Unicorn-54164.exe (PID: 7204)
- Unicorn-35135.exe (PID: 7244)
- Unicorn-7730.exe (PID: 7260)
- Unicorn-48456.exe (PID: 7180)
- Unicorn-52218.exe (PID: 856)
- Unicorn-48456.exe (PID: 7184)
- Unicorn-21814.exe (PID: 7228)
- Unicorn-10530.exe (PID: 7268)
- Unicorn-21814.exe (PID: 7224)
- Unicorn-46017.exe (PID: 7616)
- Unicorn-38403.exe (PID: 7636)
- Unicorn-58269.exe (PID: 7644)
- Unicorn-53920.exe (PID: 7660)
- Unicorn-8253.exe (PID: 7804)
- Unicorn-28119.exe (PID: 7792)
- Unicorn-58745.exe (PID: 7852)
- Unicorn-36095.exe (PID: 7876)
- Unicorn-3806.exe (PID: 7988)
- Unicorn-64190.exe (PID: 8024)
- Unicorn-64190.exe (PID: 8036)
- Unicorn-3292.exe (PID: 8144)
- Unicorn-14227.exe (PID: 8128)
- Unicorn-3806.exe (PID: 7980)
- Unicorn-59037.exe (PID: 8044)
- Unicorn-15097.exe (PID: 8116)
- Unicorn-3292.exe (PID: 8136)
- Unicorn-14012.exe (PID: 8064)
- Unicorn-22473.exe (PID: 744)
- Unicorn-12934.exe (PID: 7584)
- Unicorn-56982.exe (PID: 5972)
- Unicorn-4766.exe (PID: 7148)
- Unicorn-58606.exe (PID: 7676)
- Unicorn-64465.exe (PID: 2088)
- Unicorn-23433.exe (PID: 7932)
- Unicorn-874.exe (PID: 7756)
- Unicorn-50822.exe (PID: 6028)
- Unicorn-2820.exe (PID: 7524)
- Unicorn-54714.exe (PID: 7764)
- Unicorn-59374.exe (PID: 6872)
- Unicorn-58051.exe (PID: 7424)
- Unicorn-56909.exe (PID: 7896)
- Unicorn-26723.exe (PID: 8316)
- Unicorn-24484.exe (PID: 8640)
- Unicorn-4164.exe (PID: 8424)
- Unicorn-63479.exe (PID: 8576)
- Unicorn-25139.exe (PID: 8492)
- Unicorn-33307.exe (PID: 8604)
- Unicorn-24585.exe (PID: 8448)
- Unicorn-28212.exe (PID: 8716)
- Unicorn-40159.exe (PID: 8524)
- Unicorn-12332.exe (PID: 8468)
- Unicorn-52908.exe (PID: 8516)
- Unicorn-24484.exe (PID: 8632)
- Unicorn-635.exe (PID: 8392)
- Unicorn-8440.exe (PID: 8884)
- Unicorn-50028.exe (PID: 8864)
- Unicorn-6494.exe (PID: 8848)
- Unicorn-47335.exe (PID: 8956)
- Unicorn-2310.exe (PID: 8888)
- Unicorn-54133.exe (PID: 9060)
- Unicorn-27598.exe (PID: 9100)
- Unicorn-26099.exe (PID: 9008)
- Unicorn-9571.exe (PID: 9172)
- Unicorn-23769.exe (PID: 5936)
- Unicorn-1292.exe (PID: 9016)
- Unicorn-40741.exe (PID: 9304)
- Unicorn-9460.exe (PID: 1512)
- Unicorn-55887.exe (PID: 6032)
- Unicorn-60607.exe (PID: 9284)
- Unicorn-1292.exe (PID: 9168)
- Unicorn-33965.exe (PID: 9268)
- Unicorn-40741.exe (PID: 9292)
- Unicorn-58277.exe (PID: 9456)
- Unicorn-21006.exe (PID: 9488)
- Unicorn-30819.exe (PID: 9600)
- Unicorn-49870.exe (PID: 10068)
- Unicorn-16734.exe (PID: 9904)
- Unicorn-33555.exe (PID: 10100)
- Unicorn-14888.exe (PID: 10204)
- Unicorn-31971.exe (PID: 10156)
- Unicorn-10311.exe (PID: 8560)
Create files in a temporary directory
- 1 (237).exe (PID: 3268)
- Unicorn-31549.exe (PID: 6392)
- Unicorn-56010.exe (PID: 4448)
- Unicorn-14994.exe (PID: 516)
- Unicorn-25855.exe (PID: 4976)
- Unicorn-2716.exe (PID: 6268)
- Unicorn-18093.exe (PID: 6156)
- Unicorn-42274.exe (PID: 5736)
- Unicorn-15772.exe (PID: 2268)
- Unicorn-9907.exe (PID: 1328)
- Unicorn-60832.exe (PID: 2096)
- Unicorn-31635.exe (PID: 6752)
- Unicorn-56001.exe (PID: 6816)
- Unicorn-15015.exe (PID: 6080)
- Unicorn-52218.exe (PID: 856)
- Unicorn-48456.exe (PID: 7180)
- Unicorn-16395.exe (PID: 7252)
- Unicorn-2716.exe (PID: 2236)
- Unicorn-10530.exe (PID: 7268)
- Unicorn-37766.exe (PID: 6592)
- Unicorn-61709.exe (PID: 6676)
- Unicorn-38403.exe (PID: 7636)
- Unicorn-58269.exe (PID: 7644)
- Unicorn-53920.exe (PID: 7660)
- Unicorn-44455.exe (PID: 7832)
- Unicorn-28119.exe (PID: 7792)
- Unicorn-48456.exe (PID: 7184)
- Unicorn-36095.exe (PID: 7876)
- Unicorn-64190.exe (PID: 8012)
- Unicorn-54164.exe (PID: 7216)
- Unicorn-54164.exe (PID: 7204)
- Unicorn-3806.exe (PID: 7980)
- Unicorn-59037.exe (PID: 8044)
- Unicorn-64190.exe (PID: 8036)
- Unicorn-40298.exe (PID: 8184)
- Unicorn-59037.exe (PID: 8052)
- Unicorn-3292.exe (PID: 8136)
- Unicorn-35135.exe (PID: 7244)
- Unicorn-21814.exe (PID: 7228)
- Unicorn-21814.exe (PID: 7224)
- Unicorn-3292.exe (PID: 8152)
- Unicorn-14012.exe (PID: 8064)
- Unicorn-41501.exe (PID: 7404)
- Unicorn-46017.exe (PID: 7616)
- Unicorn-4766.exe (PID: 7148)
- Unicorn-56982.exe (PID: 5972)
- Unicorn-58606.exe (PID: 7676)
- Unicorn-50822.exe (PID: 6028)
- Unicorn-874.exe (PID: 7756)
- Unicorn-64465.exe (PID: 2088)
- Unicorn-48492.exe (PID: 4200)
- Unicorn-58745.exe (PID: 7852)
- Unicorn-2820.exe (PID: 7524)
- Unicorn-54714.exe (PID: 7764)
- Unicorn-38299.exe (PID: 7360)
- Unicorn-59374.exe (PID: 6872)
- Unicorn-3806.exe (PID: 7988)
- Unicorn-36649.exe (PID: 7900)
- Unicorn-12311.exe (PID: 8224)
- Unicorn-58051.exe (PID: 7424)
- Unicorn-18555.exe (PID: 8280)
- Unicorn-15841.exe (PID: 5576)
- Unicorn-64190.exe (PID: 8004)
- Unicorn-60661.exe (PID: 8096)
- Unicorn-38399.exe (PID: 2560)
- Unicorn-34982.exe (PID: 8260)
- Unicorn-41667.exe (PID: 8308)
- Unicorn-26723.exe (PID: 8316)
- Unicorn-4164.exe (PID: 8424)
- Unicorn-8803.exe (PID: 8432)
- Unicorn-12332.exe (PID: 8460)
- Unicorn-52908.exe (PID: 8516)
- Unicorn-33307.exe (PID: 8604)
- Unicorn-63479.exe (PID: 8576)
- Unicorn-8248.exe (PID: 8380)
- Unicorn-40159.exe (PID: 8524)
- Unicorn-24585.exe (PID: 8448)
- Unicorn-49196.exe (PID: 8552)
- Unicorn-15097.exe (PID: 8116)
- Unicorn-12332.exe (PID: 8468)
- Unicorn-24484.exe (PID: 8640)
- Unicorn-19432.exe (PID: 8484)
- Unicorn-24484.exe (PID: 8632)
- Unicorn-33307.exe (PID: 8612)
- Unicorn-4164.exe (PID: 8416)
- Unicorn-14227.exe (PID: 8128)
- Unicorn-8248.exe (PID: 8440)
- Unicorn-635.exe (PID: 8392)
- Unicorn-33307.exe (PID: 8620)
- Unicorn-50028.exe (PID: 8864)
- Unicorn-7730.exe (PID: 7260)
- Unicorn-57641.exe (PID: 8872)
- Unicorn-63671.exe (PID: 9000)
- Unicorn-3292.exe (PID: 8144)
- Unicorn-27598.exe (PID: 9100)
- Unicorn-22473.exe (PID: 744)
- Unicorn-52742.exe (PID: 9044)
- Unicorn-9571.exe (PID: 9172)
- Unicorn-26099.exe (PID: 9008)
- Unicorn-6804.exe (PID: 7700)
- Unicorn-4004.exe (PID: 7692)
- Unicorn-12835.exe (PID: 9116)
- Unicorn-17704.exe (PID: 6972)
- Unicorn-9460.exe (PID: 1512)
- Unicorn-1292.exe (PID: 9016)
- Unicorn-23769.exe (PID: 5936)
- Unicorn-1292.exe (PID: 9168)
- Unicorn-40741.exe (PID: 9304)
- Unicorn-64190.exe (PID: 8024)
- Unicorn-33965.exe (PID: 9268)
- Unicorn-64691.exe (PID: 9276)
- Unicorn-61350.exe (PID: 728)
- Unicorn-60607.exe (PID: 9284)
- Unicorn-56909.exe (PID: 7896)
- Unicorn-8253.exe (PID: 7804)
- Unicorn-29972.exe (PID: 9248)
- Unicorn-40741.exe (PID: 9292)
- Unicorn-40872.exe (PID: 9496)
- Unicorn-30000.exe (PID: 9568)
- Unicorn-2645.exe (PID: 9540)
- Unicorn-39617.exe (PID: 9656)
- Unicorn-18856.exe (PID: 8216)
- Unicorn-25011.exe (PID: 9668)
- Unicorn-25139.exe (PID: 8492)
- Unicorn-43059.exe (PID: 8364)
- Unicorn-8248.exe (PID: 8372)
- Unicorn-49870.exe (PID: 10068)
- Unicorn-16734.exe (PID: 9904)
- Unicorn-8440.exe (PID: 8884)
- Unicorn-47335.exe (PID: 8956)
- Unicorn-2310.exe (PID: 8888)
- Unicorn-63671.exe (PID: 8992)
- Unicorn-12934.exe (PID: 7584)
Checks supported languages
- 1 (237).exe (PID: 3268)
- Unicorn-31549.exe (PID: 6392)
- Unicorn-25855.exe (PID: 4976)
- Unicorn-14994.exe (PID: 516)
- Unicorn-56010.exe (PID: 4448)
- Unicorn-18093.exe (PID: 6156)
- Unicorn-42274.exe (PID: 5736)
- Unicorn-60832.exe (PID: 2096)
- Unicorn-2716.exe (PID: 6268)
- Unicorn-61709.exe (PID: 6676)
- Unicorn-15772.exe (PID: 2268)
- Unicorn-9907.exe (PID: 1328)
- Unicorn-31635.exe (PID: 6752)
- Unicorn-37766.exe (PID: 6592)
- Unicorn-15015.exe (PID: 6080)
- Unicorn-52218.exe (PID: 856)
- Unicorn-48456.exe (PID: 7184)
- Unicorn-48456.exe (PID: 7180)
- Unicorn-54164.exe (PID: 7216)
- Unicorn-35135.exe (PID: 7244)
- Unicorn-21814.exe (PID: 7228)
- Unicorn-10530.exe (PID: 7268)
- Unicorn-54164.exe (PID: 7204)
- Unicorn-7730.exe (PID: 7260)
- Unicorn-16395.exe (PID: 7252)
- Unicorn-46017.exe (PID: 7616)
- Unicorn-58269.exe (PID: 7644)
- Unicorn-8253.exe (PID: 7804)
- Unicorn-44455.exe (PID: 7832)
- Unicorn-36649.exe (PID: 7900)
- Unicorn-3806.exe (PID: 7988)
- Unicorn-60661.exe (PID: 8096)
- Unicorn-14012.exe (PID: 8064)
- Unicorn-3292.exe (PID: 8152)
- Unicorn-14227.exe (PID: 8128)
- Unicorn-22473.exe (PID: 744)
- Unicorn-41501.exe (PID: 7404)
- Unicorn-64190.exe (PID: 8024)
- Unicorn-64190.exe (PID: 7996)
- Unicorn-8859.exe (PID: 8088)
- Unicorn-56982.exe (PID: 5972)
- Unicorn-4766.exe (PID: 7148)
- Unicorn-4004.exe (PID: 7692)
- Unicorn-58606.exe (PID: 7676)
- Unicorn-12934.exe (PID: 7584)
- Unicorn-6804.exe (PID: 7700)
- Unicorn-64465.exe (PID: 2088)
- Unicorn-50822.exe (PID: 6028)
- Unicorn-874.exe (PID: 7756)
- Unicorn-54714.exe (PID: 7764)
- Unicorn-60189.exe (PID: 7732)
- Unicorn-56909.exe (PID: 7896)
- Unicorn-61350.exe (PID: 728)
- Unicorn-23433.exe (PID: 7932)
- Unicorn-58051.exe (PID: 7424)
- Unicorn-38299.exe (PID: 7360)
- Unicorn-59374.exe (PID: 6872)
- Unicorn-48492.exe (PID: 4200)
- Unicorn-38399.exe (PID: 2560)
- Unicorn-18856.exe (PID: 8216)
- Unicorn-34982.exe (PID: 8260)
- Unicorn-18555.exe (PID: 8280)
- Unicorn-15841.exe (PID: 5576)
- Unicorn-26723.exe (PID: 8316)
- Unicorn-41667.exe (PID: 8308)
- Unicorn-635.exe (PID: 8392)
- Unicorn-4164.exe (PID: 8416)
- Unicorn-12332.exe (PID: 8468)
- Unicorn-43059.exe (PID: 8364)
- Unicorn-32521.exe (PID: 8500)
- Unicorn-8248.exe (PID: 8380)
- Unicorn-40159.exe (PID: 8524)
- Unicorn-49196.exe (PID: 8552)
- Unicorn-63479.exe (PID: 8576)
- Unicorn-19432.exe (PID: 8484)
- Unicorn-33307.exe (PID: 8604)
- Unicorn-4164.exe (PID: 8424)
- Unicorn-8803.exe (PID: 8432)
- Unicorn-24484.exe (PID: 8640)
- Unicorn-6494.exe (PID: 8848)
- Unicorn-50028.exe (PID: 8864)
- Unicorn-33307.exe (PID: 8612)
- Unicorn-42959.exe (PID: 8532)
- Unicorn-24484.exe (PID: 8632)
- Unicorn-28212.exe (PID: 8716)
- Unicorn-8440.exe (PID: 8884)
- Unicorn-47335.exe (PID: 8956)
- Unicorn-26099.exe (PID: 9008)
- Unicorn-52742.exe (PID: 9044)
- Unicorn-54133.exe (PID: 9052)
- Unicorn-54133.exe (PID: 9060)
- Unicorn-27598.exe (PID: 9100)
- Unicorn-57641.exe (PID: 8872)
- Unicorn-2310.exe (PID: 8888)
- Unicorn-23769.exe (PID: 5936)
- Unicorn-55887.exe (PID: 6032)
- Unicorn-1292.exe (PID: 9168)
- Unicorn-1292.exe (PID: 9016)
- Unicorn-49857.exe (PID: 9204)
- Unicorn-33965.exe (PID: 9268)
- Unicorn-60607.exe (PID: 9284)
- Unicorn-64691.exe (PID: 9276)
- Unicorn-40741.exe (PID: 9304)
- Unicorn-58469.exe (PID: 9376)
- Unicorn-38603.exe (PID: 9368)
- Unicorn-40741.exe (PID: 9292)
- Unicorn-2645.exe (PID: 9548)
- Unicorn-21006.exe (PID: 9488)
- Unicorn-40872.exe (PID: 9496)
- Unicorn-2645.exe (PID: 9540)
- Unicorn-25011.exe (PID: 9668)
- Unicorn-30000.exe (PID: 9568)
- Unicorn-54255.exe (PID: 9820)
- Unicorn-8318.exe (PID: 9828)
- Unicorn-16734.exe (PID: 9904)
- Unicorn-11982.exe (PID: 10028)
- Unicorn-33555.exe (PID: 10100)
- Unicorn-31971.exe (PID: 10156)
- Unicorn-14888.exe (PID: 10204)
- Unicorn-50254.exe (PID: 10236)
- Unicorn-10311.exe (PID: 8560)
- Unicorn-14073.exe (PID: 9520)
- Unicorn-23118.exe (PID: 8476)
- Unicorn-1266.exe (PID: 7512)
- Unicorn-1577.exe (PID: 1276)
- Unicorn-53465.exe (PID: 10416)
- Unicorn-16617.exe (PID: 10396)
- Unicorn-20679.exe (PID: 10320)
- Unicorn-43560.exe (PID: 10356)
- Unicorn-12532.exe (PID: 10376)
- Unicorn-49289.exe (PID: 10480)
- Unicorn-6310.exe (PID: 10464)
- Unicorn-49289.exe (PID: 10472)
- Unicorn-24785.exe (PID: 10432)
- Unicorn-57457.exe (PID: 10516)
- Unicorn-4172.exe (PID: 10536)
- Unicorn-45105.exe (PID: 10592)
- Unicorn-56388.exe (PID: 10580)
- Unicorn-56388.exe (PID: 10576)
- Unicorn-36845.exe (PID: 10652)
- Unicorn-53181.exe (PID: 10712)
- Unicorn-38797.exe (PID: 10812)
- Unicorn-41182.exe (PID: 10792)
- Unicorn-20811.exe (PID: 10840)
- Unicorn-51235.exe (PID: 10600)
- Unicorn-6694.exe (PID: 10912)
- Unicorn-28184.exe (PID: 10880)
- Unicorn-10016.exe (PID: 10940)
- Unicorn-35283.exe (PID: 11024)
- Unicorn-60534.exe (PID: 10964)
- Unicorn-207.exe (PID: 11032)
- Unicorn-19038.exe (PID: 10832)
- Unicorn-64063.exe (PID: 10856)
- Unicorn-9195.exe (PID: 11072)
- Unicorn-6502.exe (PID: 11108)
- Unicorn-61733.exe (PID: 11136)
- Unicorn-51619.exe (PID: 11056)
- Unicorn-60918.exe (PID: 11284)
- Unicorn-19331.exe (PID: 11216)
- Unicorn-44904.exe (PID: 11320)
- Unicorn-57960.exe (PID: 11328)
- Unicorn-5132.exe (PID: 11160)
- Unicorn-10053.exe (PID: 11188)
- Unicorn-26107.exe (PID: 10572)
- Unicorn-12131.exe (PID: 11372)
- Unicorn-33529.exe (PID: 11436)
- Unicorn-21831.exe (PID: 11456)
- Unicorn-44904.exe (PID: 11304)
- Unicorn-6886.exe (PID: 11476)
- Unicorn-13008.exe (PID: 11492)
- Unicorn-27307.exe (PID: 11532)
- Unicorn-13008.exe (PID: 11484)
- Unicorn-12293.exe (PID: 11568)
- Unicorn-44411.exe (PID: 11640)
- Unicorn-21176.exe (PID: 11524)
- Unicorn-32159.exe (PID: 11576)
- Unicorn-24545.exe (PID: 11604)
- Unicorn-46357.exe (PID: 11692)
- Unicorn-36243.exe (PID: 11560)
- Unicorn-30575.exe (PID: 11748)
- Unicorn-34659.exe (PID: 11724)
- Unicorn-50441.exe (PID: 11756)
- Unicorn-47789.exe (PID: 11892)
- Unicorn-24676.exe (PID: 11884)
- Unicorn-30140.exe (PID: 11948)
- Unicorn-22629.exe (PID: 11864)
- Unicorn-65307.exe (PID: 11916)
- Unicorn-30575.exe (PID: 11740)
- Unicorn-63077.exe (PID: 11976)
- Unicorn-63461.exe (PID: 12068)
- Unicorn-36741.exe (PID: 11984)
- Unicorn-53247.exe (PID: 12084)
- Unicorn-25121.exe (PID: 12168)
- Unicorn-25121.exe (PID: 12164)
- Unicorn-22163.exe (PID: 12216)
- Unicorn-35750.exe (PID: 12224)
- Unicorn-30597.exe (PID: 12240)
- Unicorn-39511.exe (PID: 12092)
- Unicorn-24567.exe (PID: 12120)
- Unicorn-55848.exe (PID: 12180)
- Unicorn-22983.exe (PID: 1072)
- Unicorn-42849.exe (PID: 6656)
- Unicorn-53710.exe (PID: 720)
- Unicorn-38765.exe (PID: 12268)
- Unicorn-6668.exe (PID: 12304)
- Unicorn-37295.exe (PID: 12396)
- Unicorn-23559.exe (PID: 12380)
- Unicorn-23559.exe (PID: 12404)
- Unicorn-24951.exe (PID: 12452)
- Unicorn-60316.exe (PID: 12468)
- Unicorn-14160.exe (PID: 872)
- Unicorn-14160.exe (PID: 2064)
- Unicorn-61878.exe (PID: 3032)
- Unicorn-43425.exe (PID: 12388)
- Unicorn-47409.exe (PID: 12484)
- Unicorn-39149.exe (PID: 12516)
- Unicorn-55220.exe (PID: 12556)
- Unicorn-31648.exe (PID: 12612)
- Unicorn-23389.exe (PID: 12640)
- Unicorn-41863.exe (PID: 12632)
- Unicorn-33673.exe (PID: 12492)
- Unicorn-11744.exe (PID: 12572)
- Unicorn-49839.exe (PID: 12736)
- Unicorn-58007.exe (PID: 12756)
- Unicorn-25335.exe (PID: 12712)
- Unicorn-47628.exe (PID: 12672)
- Unicorn-21059.exe (PID: 12776)
- Unicorn-13430.exe (PID: 12800)
- Unicorn-13430.exe (PID: 12808)
- Unicorn-25683.exe (PID: 12828)
- Unicorn-60493.exe (PID: 12816)
- Unicorn-54939.exe (PID: 12928)
- Unicorn-3124.exe (PID: 12864)
- Unicorn-40950.exe (PID: 12900)
- Unicorn-45288.exe (PID: 12952)
- Unicorn-64888.exe (PID: 12960)
- Unicorn-57348.exe (PID: 13048)
- Unicorn-13714.exe (PID: 13064)
- Unicorn-55210.exe (PID: 13104)
- Unicorn-46387.exe (PID: 13120)
- Unicorn-62008.exe (PID: 13160)
- Unicorn-65437.exe (PID: 13196)
- Unicorn-28488.exe (PID: 13240)
- Unicorn-16812.exe (PID: 4108)
- Unicorn-4447.exe (PID: 12732)
- Unicorn-44302.exe (PID: 13452)
- Unicorn-36373.exe (PID: 13004)
- Unicorn-7684.exe (PID: 13028)
- Unicorn-24073.exe (PID: 13720)
- Unicorn-5136.exe (PID: 13644)
- Unicorn-38463.exe (PID: 13696)
- Unicorn-9683.exe (PID: 13748)
- Unicorn-36325.exe (PID: 13780)
- Unicorn-25200.exe (PID: 13764)
- Unicorn-62989.exe (PID: 13868)
- Unicorn-43123.exe (PID: 13856)
- Unicorn-43123.exe (PID: 13840)
- Unicorn-10997.exe (PID: 13504)
- Unicorn-4229.exe (PID: 13900)
- Unicorn-17607.exe (PID: 14016)
- Unicorn-2091.exe (PID: 13984)
- Unicorn-10259.exe (PID: 14040)
- Unicorn-17873.exe (PID: 14024)
- Unicorn-14343.exe (PID: 14064)
- Unicorn-65490.exe (PID: 14088)
- Unicorn-58713.exe (PID: 14124)
- Unicorn-43123.exe (PID: 13844)
- Unicorn-16481.exe (PID: 13916)
- Unicorn-20787.exe (PID: 14144)
- Unicorn-23802.exe (PID: 14176)
- Unicorn-46269.exe (PID: 14232)
- Unicorn-6919.exe (PID: 14240)
- Unicorn-26817.exe (PID: 13324)
- Unicorn-50889.exe (PID: 4488)
- Unicorn-23716.exe (PID: 7820)
- Unicorn-24378.exe (PID: 7468)
- Unicorn-26817.exe (PID: 6480)
- Unicorn-46004.exe (PID: 14224)
- Unicorn-41920.exe (PID: 14264)
- Unicorn-22319.exe (PID: 14272)
- Unicorn-26817.exe (PID: 5392)
- Unicorn-32354.exe (PID: 14448)
- Unicorn-47400.exe (PID: 14396)
- Unicorn-26787.exe (PID: 14492)
- Unicorn-42761.exe (PID: 10312)
- Unicorn-10692.exe (PID: 14428)
- Unicorn-27613.exe (PID: 14684)
- Unicorn-18126.exe (PID: 14820)
- Unicorn-47976.exe (PID: 14636)
- Unicorn-24863.exe (PID: 14612)
- Unicorn-45183.exe (PID: 14832)
- Unicorn-57021.exe (PID: 14884)
- Unicorn-11084.exe (PID: 14892)
- Unicorn-57021.exe (PID: 14876)
- Unicorn-11084.exe (PID: 14868)
- Unicorn-52060.exe (PID: 14596)
- Unicorn-52060.exe (PID: 14604)
- Unicorn-50737.exe (PID: 14556)
- Unicorn-61598.exe (PID: 14564)
- Unicorn-62174.exe (PID: 14900)
- Unicorn-34876.exe (PID: 14976)
- Unicorn-35339.exe (PID: 15108)
- Unicorn-5381.exe (PID: 15160)
- Unicorn-58011.exe (PID: 15120)
- Unicorn-4726.exe (PID: 15220)
- Unicorn-56528.exe (PID: 15212)
- Unicorn-39445.exe (PID: 15268)
- Unicorn-49175.exe (PID: 15004)
- Unicorn-21770.exe (PID: 15012)
- Unicorn-58011.exe (PID: 15144)
- Unicorn-58011.exe (PID: 15136)
The sample compiled with chinese language support
- 1 (237).exe (PID: 3268)
- Unicorn-64618.exe (PID: 10956)
- Unicorn-48492.exe (PID: 4200)
- Unicorn-3806.exe (PID: 7988)
- Unicorn-64618.exe (PID: 10948)
- Unicorn-21006.exe (PID: 9488)
- Unicorn-35283.exe (PID: 11024)
- Unicorn-60661.exe (PID: 8096)
- Unicorn-38399.exe (PID: 2560)
- Unicorn-24484.exe (PID: 8640)
- Unicorn-59595.exe (PID: 10424)
- Unicorn-52908.exe (PID: 8516)
- Unicorn-24785.exe (PID: 10432)
- Unicorn-2716.exe (PID: 2236)
- Unicorn-42959.exe (PID: 8532)
- Unicorn-8318.exe (PID: 9828)
- Unicorn-40159.exe (PID: 8524)
- Unicorn-9195.exe (PID: 11072)
- Unicorn-4164.exe (PID: 8424)
- Unicorn-12332.exe (PID: 8468)
- Unicorn-15772.exe (PID: 2268)
- Unicorn-5132.exe (PID: 11160)
- Unicorn-56010.exe (PID: 4448)
- Unicorn-11982.exe (PID: 10028)
- Unicorn-40298.exe (PID: 8184)
- Unicorn-9907.exe (PID: 1328)
- Unicorn-14227.exe (PID: 8128)
- Unicorn-33555.exe (PID: 10100)
- Unicorn-4164.exe (PID: 8416)
- Unicorn-35135.exe (PID: 7244)
- Unicorn-8248.exe (PID: 8440)
- Unicorn-8248.exe (PID: 8372)
- Unicorn-10053.exe (PID: 11188)
- Unicorn-49870.exe (PID: 10068)
- Unicorn-3292.exe (PID: 8152)
- Unicorn-61709.exe (PID: 6676)
- Unicorn-51235.exe (PID: 10600)
- Unicorn-6494.exe (PID: 8848)
- Unicorn-8859.exe (PID: 8088)
- Unicorn-3292.exe (PID: 8136)
- Unicorn-7730.exe (PID: 7260)
- Unicorn-57641.exe (PID: 8872)
- Unicorn-37805.exe (PID: 11236)
- Unicorn-2310.exe (PID: 8888)
- Unicorn-31971.exe (PID: 10156)
- Unicorn-24078.exe (PID: 10744)
- Unicorn-3292.exe (PID: 8144)
- Unicorn-21814.exe (PID: 7228)
- Unicorn-36845.exe (PID: 10652)
- Unicorn-31549.exe (PID: 6392)
- Unicorn-63479.exe (PID: 8576)
- Unicorn-56982.exe (PID: 5972)
- Unicorn-14888.exe (PID: 10204)
- Unicorn-46017.exe (PID: 7616)
- Unicorn-54133.exe (PID: 9052)
- Unicorn-15097.exe (PID: 8116)
- Unicorn-9571.exe (PID: 9172)
- Unicorn-41501.exe (PID: 7404)
- Unicorn-33612.exe (PID: 9136)
- Unicorn-4004.exe (PID: 7692)
- Unicorn-50254.exe (PID: 10236)
- Unicorn-25855.exe (PID: 4976)
- Unicorn-12934.exe (PID: 7584)
- Unicorn-12835.exe (PID: 9116)
- Unicorn-58269.exe (PID: 7644)
- Unicorn-63671.exe (PID: 8992)
- Unicorn-27598.exe (PID: 9100)
- Unicorn-37766.exe (PID: 6592)
- Unicorn-4766.exe (PID: 7148)
- Unicorn-52742.exe (PID: 9044)
- Unicorn-38403.exe (PID: 7636)
- Unicorn-31635.exe (PID: 6752)
- Unicorn-49857.exe (PID: 9204)
- Unicorn-53920.exe (PID: 7660)
- Unicorn-19432.exe (PID: 8484)
- Unicorn-17704.exe (PID: 6972)
- Unicorn-10311.exe (PID: 8560)
- Unicorn-60832.exe (PID: 2096)
- Unicorn-26107.exe (PID: 10572)
- Unicorn-57933.exe (PID: 10848)
- Unicorn-14073.exe (PID: 9520)
- Unicorn-23118.exe (PID: 8476)
- Unicorn-57960.exe (PID: 11328)
- Unicorn-24484.exe (PID: 8632)
- Unicorn-28119.exe (PID: 7792)
- Unicorn-1292.exe (PID: 9016)
- Unicorn-50822.exe (PID: 6028)
- Unicorn-40741.exe (PID: 9304)
- Unicorn-15015.exe (PID: 6080)
- Unicorn-54714.exe (PID: 7764)
- Unicorn-44455.exe (PID: 7832)
- Unicorn-20811.exe (PID: 10840)
- Unicorn-60918.exe (PID: 11284)
- Unicorn-8253.exe (PID: 7804)
- Unicorn-58469.exe (PID: 9384)
- Unicorn-60189.exe (PID: 7732)
- Unicorn-58745.exe (PID: 7852)
- Unicorn-26099.exe (PID: 9008)
- Unicorn-36095.exe (PID: 7876)
- Unicorn-19331.exe (PID: 11216)
- Unicorn-23433.exe (PID: 7932)
- Unicorn-55887.exe (PID: 6032)
- Unicorn-64691.exe (PID: 9276)
- Unicorn-38299.exe (PID: 7360)
- Unicorn-59374.exe (PID: 6872)
- Unicorn-19038.exe (PID: 10832)
- Unicorn-52218.exe (PID: 856)
- Unicorn-40741.exe (PID: 9292)
- Unicorn-56001.exe (PID: 6816)
- Unicorn-36649.exe (PID: 7900)
- Unicorn-48456.exe (PID: 7184)
- Unicorn-58277.exe (PID: 9456)
- Unicorn-38603.exe (PID: 9368)
- Unicorn-58469.exe (PID: 9376)
- Unicorn-60534.exe (PID: 10964)
- Unicorn-40872.exe (PID: 9496)
- Unicorn-64465.exe (PID: 2088)
- Unicorn-39617.exe (PID: 9656)
- Unicorn-18093.exe (PID: 6156)
- Unicorn-54164.exe (PID: 7216)
- Unicorn-10016.exe (PID: 10940)
- Unicorn-44904.exe (PID: 11320)
- Unicorn-2716.exe (PID: 6268)
- Unicorn-28184.exe (PID: 10880)
- Unicorn-12311.exe (PID: 8224)
- Unicorn-18555.exe (PID: 8280)
- Unicorn-207.exe (PID: 11032)
- Unicorn-25011.exe (PID: 9668)
- Unicorn-1577.exe (PID: 1276)
- Unicorn-12131.exe (PID: 11372)
- Unicorn-58051.exe (PID: 7424)
- Unicorn-6694.exe (PID: 10912)
- Unicorn-54447.exe (PID: 9532)
- Unicorn-44904.exe (PID: 11304)
- Unicorn-54164.exe (PID: 7204)
- Unicorn-3806.exe (PID: 7980)
- Unicorn-44904.exe (PID: 11312)
- Unicorn-15841.exe (PID: 5576)
- Unicorn-24209.exe (PID: 2316)
- Unicorn-12293.exe (PID: 11568)
- Unicorn-64190.exe (PID: 8012)
- Unicorn-2645.exe (PID: 9548)
- Unicorn-20679.exe (PID: 10320)
- Unicorn-36459.exe (PID: 10980)
- Unicorn-27307.exe (PID: 11532)
- Unicorn-13008.exe (PID: 11492)
- Unicorn-56909.exe (PID: 7896)
- Unicorn-18856.exe (PID: 8216)
- Unicorn-43560.exe (PID: 10356)
- Unicorn-26723.exe (PID: 8316)
- Unicorn-50996.exe (PID: 11804)
- Unicorn-41667.exe (PID: 8308)
- Unicorn-59037.exe (PID: 8044)
- Unicorn-10530.exe (PID: 7268)
- Unicorn-4172.exe (PID: 10536)
- Unicorn-56388.exe (PID: 10580)
- Unicorn-33529.exe (PID: 11436)
- Unicorn-57457.exe (PID: 10516)
- Unicorn-34982.exe (PID: 8260)
- Unicorn-6310.exe (PID: 10464)
- Unicorn-56388.exe (PID: 10576)
- Unicorn-42274.exe (PID: 5736)
- Unicorn-64190.exe (PID: 8036)
- Unicorn-28212.exe (PID: 8716)
- Unicorn-27343.exe (PID: 10680)
- Unicorn-54255.exe (PID: 9820)
- Unicorn-49289.exe (PID: 10472)
- Unicorn-21831.exe (PID: 11456)
- Unicorn-61733.exe (PID: 11136)
- Unicorn-25139.exe (PID: 8492)
- Unicorn-6502.exe (PID: 11108)
- Unicorn-14012.exe (PID: 8064)
- Unicorn-45105.exe (PID: 10592)
- Unicorn-16395.exe (PID: 7252)
- Unicorn-49196.exe (PID: 8552)
- Unicorn-14994.exe (PID: 516)
- Unicorn-59037.exe (PID: 8052)
- Unicorn-6886.exe (PID: 11476)
- Unicorn-33307.exe (PID: 8612)
- Unicorn-44146.exe (PID: 11596)
- Unicorn-50028.exe (PID: 8864)
- Unicorn-43669.exe (PID: 10136)
- Unicorn-36243.exe (PID: 11560)
- Unicorn-64190.exe (PID: 7996)
- Unicorn-34659.exe (PID: 11724)
- Unicorn-21814.exe (PID: 7224)
- Unicorn-21176.exe (PID: 11524)
- Unicorn-33307.exe (PID: 8620)
- Unicorn-13008.exe (PID: 11484)
- Unicorn-48456.exe (PID: 7180)
- Unicorn-57903.exe (PID: 11220)
- Unicorn-54133.exe (PID: 9060)
- Unicorn-63671.exe (PID: 9000)
- Unicorn-19139.exe (PID: 11500)
- Unicorn-23799.exe (PID: 11796)
- Unicorn-22473.exe (PID: 744)
- Unicorn-24545.exe (PID: 11604)
- Unicorn-43059.exe (PID: 8364)
- Unicorn-50441.exe (PID: 11756)
- Unicorn-30575.exe (PID: 11748)
- Unicorn-47335.exe (PID: 8956)
- Unicorn-53181.exe (PID: 10712)
- Unicorn-22629.exe (PID: 11864)
- Unicorn-30575.exe (PID: 11740)
- Unicorn-24676.exe (PID: 11884)
- Unicorn-44411.exe (PID: 11640)
- Unicorn-635.exe (PID: 8392)
- Unicorn-9460.exe (PID: 1512)
- Unicorn-11525.exe (PID: 10772)
- Unicorn-58277.exe (PID: 9464)
- Unicorn-29972.exe (PID: 9248)
- Unicorn-61350.exe (PID: 728)
- Unicorn-8440.exe (PID: 8884)
- Unicorn-16106.exe (PID: 11932)
- Unicorn-32159.exe (PID: 11576)
- Unicorn-1292.exe (PID: 9168)
- Unicorn-16377.exe (PID: 11684)
- Unicorn-13260.exe (PID: 11840)
- Unicorn-1266.exe (PID: 7512)
- Unicorn-64063.exe (PID: 10856)
- Unicorn-38797.exe (PID: 10812)
- Unicorn-874.exe (PID: 7756)
- Unicorn-51619.exe (PID: 11056)
- Unicorn-64190.exe (PID: 8004)
- Unicorn-30000.exe (PID: 9568)
- Unicorn-47789.exe (PID: 11892)
- Unicorn-30140.exe (PID: 11948)
- Unicorn-53465.exe (PID: 10416)
Reads security settings of Internet Explorer
- BackgroundTransferHost.exe (PID: 7364)
- BackgroundTransferHost.exe (PID: 7732)
- BackgroundTransferHost.exe (PID: 1300)
- BackgroundTransferHost.exe (PID: 1272)
- BackgroundTransferHost.exe (PID: 10288)
Checks proxy server information
- BackgroundTransferHost.exe (PID: 7732)
Reads the software policy settings
- BackgroundTransferHost.exe (PID: 7732)
Creates files or folders in the user directory
- BackgroundTransferHost.exe (PID: 7732)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win32 Executable (generic) (52.9) |
|---|---|---|
| .exe | | | Generic Win/DOS Executable (23.5) |
| .exe | | | DOS Executable Generic (23.5) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2019:01:19 13:34:56+00:00 |
| ImageFileCharacteristics: | No relocs, Executable, No line numbers, No symbols, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 6 |
| CodeSize: | 176128 |
| InitializedDataSize: | 299008 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x13d4 |
| OSVersion: | 4 |
| ImageVersion: | 1 |
| SubsystemVersion: | 4 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Chinese (Simplified) |
| CharacterSet: | Unicode |
| CompanyName: | UEFI |
| ProductName: | Kawaii-Unicorn |
| FileVersion: | 1 |
| ProductVersion: | 1 |
| InternalName: | Kawaii-Unicorn |
| OriginalFileName: | Kawaii-Unicorn.exe |
Total processes
582
Monitored processes
446
Malicious processes
68
Suspicious processes
67
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 516 | C:\Users\admin\AppData\Local\Temp\Unicorn-14994.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-14994.exe | Unicorn-31549.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 720 | C:\Users\admin\AppData\Local\Temp\Unicorn-53710.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-53710.exe | — | Unicorn-54714.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 728 | C:\Users\admin\AppData\Local\Temp\Unicorn-61350.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-61350.exe | Unicorn-56001.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 744 | C:\Users\admin\AppData\Local\Temp\Unicorn-22473.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-22473.exe | Unicorn-46017.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 856 | C:\Users\admin\AppData\Local\Temp\Unicorn-52218.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-52218.exe | Unicorn-18093.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 872 | C:\Users\admin\AppData\Local\Temp\Unicorn-14160.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-14160.exe | — | Unicorn-64190.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1072 | C:\Users\admin\AppData\Local\Temp\Unicorn-22983.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-22983.exe | — | Unicorn-61350.exe | |||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1272 | "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1 | C:\Windows\System32\BackgroundTransferHost.exe | — | svchost.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Download/Upload Host Exit code: 1 Version: 10.0.19041.3636 (WinBuild.160101.0800) Modules
| |||||||||||||||
| 1276 | C:\Users\admin\AppData\Local\Temp\Unicorn-1577.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-1577.exe | Unicorn-2716.exe | ||||||||||||
User: admin Company: UEFI Integrity Level: MEDIUM Version: 1.00 Modules
| |||||||||||||||
| 1300 | "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1 | C:\Windows\System32\BackgroundTransferHost.exe | — | svchost.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Download/Upload Host Exit code: 1 Version: 10.0.19041.3636 (WinBuild.160101.0800) Modules
| |||||||||||||||
Total events
10 306
Read events
10 291
Write events
15
Delete events
0
Modification events
| (PID) Process: | (7364) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content |
| Operation: | write | Name: | CachePrefix |
Value: | |||
| (PID) Process: | (7364) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies |
| Operation: | write | Name: | CachePrefix |
Value: Cookie: | |||
| (PID) Process: | (7364) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History |
| Operation: | write | Name: | CachePrefix |
Value: Visited: | |||
| (PID) Process: | (7732) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content |
| Operation: | write | Name: | CachePrefix |
Value: | |||
| (PID) Process: | (7732) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies |
| Operation: | write | Name: | CachePrefix |
Value: Cookie: | |||
| (PID) Process: | (7732) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History |
| Operation: | write | Name: | CachePrefix |
Value: Visited: | |||
| (PID) Process: | (1300) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content |
| Operation: | write | Name: | CachePrefix |
Value: | |||
| (PID) Process: | (1300) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Cookies |
| Operation: | write | Name: | CachePrefix |
Value: Cookie: | |||
| (PID) Process: | (1300) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\History |
| Operation: | write | Name: | CachePrefix |
Value: Visited: | |||
| (PID) Process: | (1272) BackgroundTransferHost.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.contentdeliverymanager_cw5n1h2txyewy\Internet Settings\Cache\Content |
| Operation: | write | Name: | CachePrefix |
Value: | |||
Executable files
1 008
Suspicious files
5
Text files
0
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 6392 | Unicorn-31549.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-42274.exe | executable | |
MD5:E52602F3837C54442CBC7EE0E55F154C | SHA256:205AD2613DB82A14FD6F6B06D16843932E69142F2383EA773A801A7068CA4DAC | |||
| 516 | Unicorn-14994.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-61709.exe | executable | |
MD5:D32642837FC2CC9A77311E0AF0B0CCB2 | SHA256:9394737D9807B11B9CA28F710CBD186C48326C8D93046E78DE96E239DB0FC7A9 | |||
| 4976 | Unicorn-25855.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-60832.exe | executable | |
MD5:0F9B72AA394A3FDB1FCFEEA9701544F4 | SHA256:168EA502DA29F7E6A7E543633A4DE62FD034505D8741FD8339BB9A8259D0EA84 | |||
| 3268 | 1 (237).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-31549.exe | executable | |
MD5:6D78F9D6330DDBEFF92E384EB4B7504F | SHA256:9E7CDA540472A7817965659CA4811CDFDE1A7380FAC09E673D138C66B593C6E6 | |||
| 2096 | Unicorn-60832.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-37766.exe | executable | |
MD5:66EA498E803E88B687D8E69C82CCA1E4 | SHA256:CFD85F8D19652F47123CB672C98619B43867BE1F74F12B341F0F4AF367F1479C | |||
| 6392 | Unicorn-31549.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-9907.exe | executable | |
MD5:30C886E74A27EFB686B61AB9B1C15A74 | SHA256:1BEA9C49CF2C0816F927581CAB0DABE944944D77C8BC488E6185E6EA9381F803 | |||
| 6156 | Unicorn-18093.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-56001.exe | executable | |
MD5:198C0A7DFDCC568F36C6347768551E80 | SHA256:C1AF6536BEC420B116CF697BFE564FFFBE4F909B67CFE380851F29710A30966F | |||
| 3268 | 1 (237).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-25855.exe | executable | |
MD5:AF9C23A5EBBB281597B967D8C68E5292 | SHA256:08C34392A09D1C204083334A098F6AB6E122325CD95F40D9FB444734C2E47807 | |||
| 6392 | Unicorn-31549.exe | C:\Users\admin\AppData\Local\Temp\Unicorn-14994.exe | executable | |
MD5:69C86599A96C801FCA46F2C9343D7ED6 | SHA256:85D924607DBDB1276833C6EAFA2BC46B2E760620B78FD531258410EE18FD4FE6 | |||
| 3268 | 1 (237).exe | C:\Users\admin\AppData\Local\Temp\Unicorn-56010.exe | executable | |
MD5:0D9012D850114D23AF51BC98669D6BB3 | SHA256:6F0395B37606CF1A85E96468A938DFA456BBE43C235F5424D3E6C0EA794C2606 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
25
DNS requests
16
Threats
0
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
— | — | GET | 200 | 23.48.23.169:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | — | — | whitelisted |
6544 | svchost.exe | GET | 200 | 23.54.109.203:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
7732 | BackgroundTransferHost.exe | GET | 200 | 23.54.109.203:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D | unknown | — | — | whitelisted |
8288 | SIHClient.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | — | — | whitelisted |
1760 | backgroundTaskHost.exe | GET | 200 | 23.54.109.203:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D | unknown | — | — | whitelisted |
8288 | SIHClient.exe | GET | 200 | 2.23.246.101:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
— | — | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
2104 | svchost.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
— | — | 23.48.23.169:80 | crl.microsoft.com | Akamai International B.V. | DE | whitelisted |
3304 | RUXIMICS.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
5496 | MoUsoCoreWorker.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
3216 | svchost.exe | 20.198.162.78:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | SG | whitelisted |
6544 | svchost.exe | 40.126.32.140:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
6544 | svchost.exe | 23.54.109.203:80 | ocsp.digicert.com | AKAMAI-AS | DE | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
google.com |
| whitelisted |
crl.microsoft.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
settings-win.data.microsoft.com |
| whitelisted |
arc.msn.com |
| whitelisted |
www.bing.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
www.microsoft.com |
| whitelisted |